Skip to main content

OSS Cybersecurity

Overview

The OSS Cybersecurity team is the security and compliance arm of Open Source with SLU. The team maintains the security posture of the OSS portfolio, provides security guidance to product teams, and develops organizational security documentation. The team completed SLSA (Supply-chain Levels for Software Artifacts) compliance across all OSS repositories, then moved to implementing an Okta integration for centralized identity management. Current work focuses on producing security governance documentation.

Information

  • Source Code: https://github.com/oss-slu/oss_cybersecurity git
  • Status: Active (and ongoing)
  • Platforms: Internal Developer Services
  • Client: Open Source with SLU
  • Track: Internal Developer Services
  • Current Tech Lead: Samuel Kann github
  • Developers:
    • Annie Henehan (capstone) github
    • Dennis Sheynkerman (capstone) github
    • Roemen Edwards (alumni) github
  • Start Date: August 2025
  • Technologies Used:
    • SLSA framework (supply chain security)
    • Okta (identity and access management)
    • GitHub Security Advisories
    • Security policy and governance documentation
  • License: MIT
  • Security: SECURITY.md

Technical Information

Development Priorities

  • Develop Security Controls Inventory
  • Create Incident Response Plan
  • Conduct and document Risk Assessment
  • Produce Business Continuity Plan
  • Maintain SLSA compliance and Okta integration across the portfolio

Get Involved

The cybersecurity team coordinates security efforts across the OSS portfolio. For vulnerability reports, please use GitHub Security Advisories. For general inquiries, reach out on the #oss_cybersecurity Slack channel.